<?php

namespace App\Http\Middleware;

use Closure;

class IpWhiteListMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        //后台登陆白名单
        $ip_list = setting('ip_white_list');
        $ip = $request->getClientIp();
        if ($ip_list){
            $ips = explode('|',$ip_list);
            if (in_array($ip,$ips)){
                $next($request);
            }
            else{
                auth('admin')->logout();
                flash('非法访问');
                return redirect(route('backend.login'));
            }
        }
        return $next($request);
    }
}
